This repository was archived by the owner on Oct 14, 2020. It is now read-only.
parser-wrapper.js
const axios = require("axios");
const { parse } = require("./parser/parser");
const uuid = require("uuid/v4");
const k8s = require("@kubernetes/client-node");
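/**
 * Counts the findings whose severity matches the given level.
 *
 * The finding's own severity is upper-cased before the comparison, so the
 * `severity` argument is expected in upper case (e.g. "HIGH").
 *
 * Findings come from parsed scanner output, so a finding that is missing or
 * has a non-string severity is skipped rather than aborting the whole count
 * with a TypeError. Such a finding still counts towards the overall total
 * computed by the caller, but lands in no severity bucket.
 *
 * @param {Array<object>} findings - Findings produced by the parser.
 * @param {string} severity - Upper-case severity level to count.
 * @returns {number} Number of findings with that severity.
 */
function severityCount(findings, severity) {
  let matches = 0;
  for (const finding of findings) {
    const level = finding == null ? undefined : finding.severity;
    if (typeof level === "string" && level.toUpperCase() === severity) {
      matches += 1;
    }
  }
  return matches;
}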
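/**
 * Patches the status of the Scan custom resource with summary counts of the
 * parsed findings: total count, count per severity and count per category.
 *
 * The scan name and namespace are read from the SCAN_NAME and NAMESPACE
 * environment variables, and the Kubernetes client is configured from the
 * in-cluster service account. Any failure is logged and terminates the
 * process with exit code 1.
 *
 * The call targets the status subresource of "scans", so the pod's service
 * account presumably needs no more than patch rights on scans/status in that
 * namespace; verify against the deployed RBAC rules.
 *
 * @param {Array<object>} findings - Findings produced by the parser.
 * @returns {Promise<void>} Resolves once the status patch has been sent.
 */
async function updateScanStatus(findings) {
  const scanName = process.env["SCAN_NAME"];
  const namespace = process.env["NAMESPACE"];

  try {
    // Fail with a clear message instead of sending a patch for an
    // undefined scan or namespace.
    if (!scanName || !namespace) {
      throw new Error(
        "SCAN_NAME and NAMESPACE environment variables must both be set"
      );
    }

    // Client setup lives inside the try so that a missing or unreadable
    // in-cluster configuration is reported and exits non-zero like every
    // other failure here, rather than surfacing as an unhandled rejection.
    const kc = new k8s.KubeConfig();
    kc.loadFromCluster();
    const k8sApi = kc.makeApiClient(k8s.CustomObjectsApi);

    // A Map keeps scanner-supplied category names away from the object
    // prototype while counting; it is converted to a plain object only
    // when the patch body is built.
    const findingCategories = new Map();
    for (const { category } of findings) {
      findingCategories.set(
        category,
        (findingCategories.get(category) || 0) + 1
      );
    }

    await k8sApi.patchNamespacedCustomObjectStatus(
      "execution.securecodebox.io",
      "v1",
      namespace,
      "scans",
      scanName,
      {
        status: {
          findings: {
            count: findings.length,
            severities: {
              informational: severityCount(findings, "INFORMATIONAL"),
              low: severityCount(findings, "LOW"),
              medium: severityCount(findings, "MEDIUM"),
              high: severityCount(findings, "HIGH"),
            },
            categories: Object.fromEntries(findingCategories.entries()),
          },
        },
      },
      undefined,
      undefined,
      undefined,
      // Merge-patch content type: only the fields given above are changed.
      { headers: { "content-type": "application/merge-patch+json" } }
    );
    console.log("Updated status successfully");
  } catch (err) {
    console.error("Failed to update Scan Status via the kubernetes api");
    // NOTE(review): err is printed in full. If the client attaches the HTTP
    // request/response to its errors, this dump can include the
    // Authorization header carrying the pod's service account token.
    // Confirm, and if so log only the status code and response body.
    console.error(err);
    process.exit(1);
  }
}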
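/**
 * Entry point of the parser wrapper.
 *
 * Downloads the raw scanner result from the URL in argv[2], runs it through
 * the scanner-specific `parse` function, assigns a UUID to every finding,
 * writes summary counts to the Scan status and uploads the findings to the
 * URL in argv[3]. Every failure path logs the cause and exits with code 1 so
 * that the surrounding job is not reported as successful.
 *
 * @returns {Promise<void>}
 */
async function main() {
  console.log("Starting Parser");
  const resultFileUrl = process.argv[2];
  const resultUploadUrl = process.argv[3];

  // Without both URLs the requests below would be sent to "undefined".
  if (!resultFileUrl || !resultUploadUrl) {
    console.error(
      "Usage: parser-wrapper.js <result file url> <result upload url>"
    );
    process.exit(1);
  }

  console.log("Fetching result file");
  let data;
  try {
    ({ data } = await axios.get(resultFileUrl));
  } catch (error) {
    // Only the message is printed: the full axios error embeds the request
    // configuration, including the URL, which may carry credentials if it
    // is a pre-signed link.
    console.error("Failed to fetch result file:");
    console.error(error.message);
    process.exit(1);
  }
  console.log("Fetched result file");

  let findings = [];
  try {
    findings = await parse(data);
  } catch (error) {
    console.error("Parser failed with error:");
    console.error(error);
    process.exit(1);
  }

  console.log(`Transformed raw result file into ${findings.length} findings`);

  console.log("Adding UUIDs to the findings");
  const findingsWithIds = findings.map((finding) => ({
    ...finding,
    id: uuid(),
  }));

  // The status is patched before the upload, so a failed upload leaves the
  // counts on the Scan even though no findings file was stored.
  await updateScanStatus(findings);

  console.log(`Uploading results to the file storage service`);
  try {
    // NOTE(review): the empty content-type presumably keeps the request in
    // line with what the upload URL was issued for; confirm before changing.
    await axios.put(resultUploadUrl, findingsWithIds, {
      headers: { "content-type": "" },
    });
  } catch (error) {
    if (error.response) {
      // The request was made and the server answered with a non-2xx status.
      console.error(
        `Finding Upload Failed with Response Code: ${error.response.status}`
      );
      // Passed as a separate argument so that an object body is printed
      // readably instead of as "[object Object]".
      console.error("Error Response Body:", error.response.data);
    } else if (error.request) {
      console.error(
        "No response received from FileStorage when uploading finding"
      );
      // NOTE(review): the full error includes the request configuration and
      // therefore the upload URL; if that URL is pre-signed, prefer logging
      // error.message only.
      console.error(error);
    } else {
      // Something went wrong while setting up the request.
      console.error("Error", error.message);
    }
    process.exit(1);
  }

  console.log(`Completed parser`);
}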
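// Run the wrapper. A rejection that escapes main() must end the process with
// a non-zero exit code; otherwise, depending on the Node.js version, it is
// only reported as an unhandled-rejection warning and the job can look
// successful. The stack is printed rather than the error object so that
// request details attached to HTTP client errors are not dumped to the log.
main().catch((error) => {
  console.error("Parser wrapper failed with an unhandled error:");
  console.error(error instanceof Error ? error.stack : error);
  process.exit(1);
});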